package com.example.fu3.inceptor;

import com.example.fu3.utils.JWTUtil;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Enumeration;

/**
 * 授权拦截器，用来验证用户是否有权利访问接口
 */
public class AuthInterceptor implements HandlerInterceptor {
    /**
     * 要验证用户是否有权限，那么就要验证token
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 从头部获取我们的token
        String token = request.getHeader("Authorization");
        System.out.println(token);
        // 设置返回值类型
        response.setContentType("text/plain;charset=utf-8");
        // 如果token是空的就说明没有token，没有权限
        if (token == null) {
            response.getWriter().write("没有token");
            return false;
        }
        boolean b = JWTUtil.verifyToken(token);
        if (!b) {
            response.getWriter().write("用户认证失败");
            return false;
        }
        // 统一处理用户id不存在的情况
        Long userId = JWTUtil.getUserId(token);
        if (userId == null) {
            response.getWriter().write("用户不存在或者过期");
            return false;
        }
        return b;
    }
}
